Project

General

Profile

Actions
Copy link

Bug #12373

closed

Update mpd5 to address vulnerabilities in < 5.9_2

Added by Viktor Gurov about 3 years ago. Updated almost 3 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Operating System
Target version:
2.6.0
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
22.01
Release Notes:
Default
Affected Version:
Affected Architecture:

Description

https://vuxml.freebsd.org/freebsd/f55921aa-10c9-11ec-8647-00e0670f2660.html:

Version 5.9_2 contains security fix for PPPoE servers. Insufficient validation of incoming PPPoE Discovery request specially crafted by unauthenticated user might lead to unexpected termination of the process. The problem affects mpd versions since 5.0. Installations not using PPPoE server configuration were not affected.

pfSense-2.6.0.a.20210914.0500 still uses mpd5 5.9_1

Actions
Copy link
 #1

Updated by Viktor Gurov almost 3 years ago

pfSense 22.01.a.20211128.0600 uses mpd5-5.9_4

Actions
Copy link
 #2

Updated by Jim Pingle almost 3 years ago

  • Status changed from New to Resolved
  • Target version set to 2.6.0
  • Plus Target Version set to 22.01
Actions
Copy link
 #3

Updated by Jim Pingle almost 3 years ago

  • Private changed from Yes to No
Actions
Copy link

Also available in: Atom PDF